South Korea: Raid on online retailer's headquarters after massive data breach
Data of two-thirds of the population has been stolen from South Korea's largest online retailer. Now, police have searched the headquarters for evidence.
(Image: yllyso/Shutterstock.com)
A week after South Korea's largest online retailer publicly disclosed a massive data breach, the police have now searched Coupang's headquarters. The Yonhap news agency reports, stating that they were seeking evidence to help reconstruct the attack. They aim to comprehensively clarify the entire situation, including the identity of the person who leaked the data. Yonhap quotes a police statement. The reason for the data theft is also still being sought. According to the news agency, investigations so far have been based solely on data voluntarily provided by Coupang. The report suggests that key aspects of the attack remain unclear.
Key points still unclear
Coupang announced last week that a former employee allegedly stole personal data of over 33 million customers and left the country. Previously, a data leak had been admitted, but it only concerned 4,500 affected accounts. Instead, it likely involves the names, email, and delivery addresses, and in some cases, the purchase history of probably all customers of the market leader in South Korea. With a population of only about 52 million people in the country, the perpetrator could possess data on a vast majority of households. The intrusion is said to have begun in June.
Videos by heise
The cybersecurity incident is therefore likely to be the largest in South Korea's history. Coupang is known in South Korea for extremely fast deliveries, with over 99 percent of orders delivered within 24 hours. However, criticism of the company's working conditions has also existed for years. According to the Korea Times, more than 20 people have died at work there since 2020. The data breach has long occupied politics in the country; according to the daily newspaper Hankyoreh, a parliamentary hearing was held last week. Representatives of the company indicated, among other things, that the perpetrator had already left the country at the end of 2024. The exact timeline of the data theft is therefore also still unclear.
(mho)
